CVE-2021-3156

critical-risk

Published 2021-01-26

Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.

Do I need to act?

92.3% chance of exploitation in next 30 days

EPSS score — higher than 8% of all CVEs

CISA KEV: actively exploited in the wild

On the Known Exploited Vulnerabilities catalog — federal agencies must patch

2 public exploits available

49521, 49522

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.8/10 High

LOCAL / LOW complexity

Affected Products (20)

Sudo

Fedora

Debian Linux

Active Iq Unified Manager

Cloud Backup

Hci Management Node

Oncommand Unified Manager Core Package

Ontap Select Deploy Administration Utility

Ontap Tools

Solidfire

Web Gateway

Diskstation Manager Unified Controller

Diskstation Manager

Skynas Firmware

Affected Vendors

Debian Oracle Mcafee Sudo Project Fedoraproject Netapp Synology Beyondtrust

References (68)

Exploit http://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html

Exploit http://packetstormsecurity.com/files/161230/Sudo-Buffer-Overflow-Privilege-Escal...

Exploit http://packetstormsecurity.com/files/161270/Sudo-1.9.5p1-Buffer-Overflow-Privile...

Exploit http://packetstormsecurity.com/files/161293/Sudo-1.8.31p2-1.9.5p1-Buffer-Overflo...

Exploit http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overf...

Mailing List http://seclists.org/fulldisclosure/2021/Feb/42

Exploit http://seclists.org/fulldisclosure/2021/Jan/79

Exploit http://seclists.org/fulldisclosure/2024/Feb/3

Exploit http://www.openwall.com/lists/oss-security/2021/01/26/3

Mailing List http://www.openwall.com/lists/oss-security/2021/01/27/1

Mailing List http://www.openwall.com/lists/oss-security/2021/01/27/2

Exploit http://www.openwall.com/lists/oss-security/2021/02/15/1

Mailing List http://www.openwall.com/lists/oss-security/2021/09/14/2

Exploit http://www.openwall.com/lists/oss-security/2024/01/30/6

Mailing List http://www.openwall.com/lists/oss-security/2024/01/30/8

Broken Link https://kc.mcafee.com/corporate/index?page=content&id=SB10348

Mailing List https://lists.debian.org/debian-lts-announce/2021/01/msg00022.html

Mailing List https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro...

Third Party Advisory https://security.gentoo.org/glsa/202101-33

and 48 more references

/ 100

critical-risk

Severity 24/34 · High

Exploitability 27/34 · High

Exposure 22/34 · High